[db-wg] API keys for database maintenance
- Next message (by thread): [db-wg] API keys for database maintenance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sebastian Wiesinger
sebastian at karotte.org
Wed Mar 11 12:22:25 CET 2020
* Tore Anderson via db-wg <db-wg at ripe.net> [2020-02-21 11:54]: > Hi WG. > > In the LIR Portal, at https://lirportal.ripe.net/api/, it is > possible to issue API keys for use with several different RIPE NCC > services. > > However, it is unfortunately not possible to issue API keys for the > two APIs that are used for database maintenance; Syncupdates and the > RESTful API. The documentation implies that the only authorisation > [sic] method for those APIs is MD5-PW. Hello, I would support a modern approach to authorisation with the WEB API. I don't think it should be bound the LIR portal (as there might be users who are not an LIR). But some sort of API-friendly authentication for maintainers would be appreciated, maybe coupled to SSO user accounts. Just sending the password as an URL parameter is not really a modern approach, also you would need to change the maintainer password every time someone leaves the company. Best Regards Sebastian -- GPG Key: 0x58A2D94A93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE) 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE. -- Terry Pratchett, The Fifth Elephant -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 959 bytes Desc: not available URL: <https://lists.ripe.net/ripe/mail/archives/db-wg/attachments/20200311/222f5b74/attachment.sig>
- Next message (by thread): [db-wg] API keys for database maintenance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]